Graylog
Über Graylog
Graylog Preis
Graylog bietet eine Gratisversion und eine kostenlose Testversion.
Alternativen für Graylog
Alle Bewertungen zu Graylog Filter anwenden
Nutzerbewertungen zu Graylog durchsuchen
Alle Bewertungen zu Graylog Filter anwenden
- Branche: Non-Profit-Organisation Management
- Unternehmensgröße: 201–500 Mitarbeiter
- Wöchentlich für Mehr als 2 Jahre genutzt
-
Quelle der Bewertung
Graylog Enterprise Log for Business
prevously we using syslog server to centralize log, and when we have more server and network we can not put all those log into syslog server that store data in mysql, it perform slow search and not report correctly,
i have try spend sometime to search and i found graylog, i try to setup a few day until success because its new related to elastic search, but finally i find out and keep using until now, its around 3 years already since i use graylog server to monitor all the network activity, monitoring server with nxlog agent, monitor cisco switch with syslog, linux with syslog, and can monitor the radius authentication log, each time users plug the network or connect wifi log generated and sent to graylog-server, and graylog server create alert message send by telegram to system admin.
Vorteile
- Graylog is very powerful log, i have search around 50million of record in 3second only, very powerful log because it integrated with elastic search that perform log search very fast.
- Telegram alert notification is what i like, i create the rule to let it send notification to telegram so i know what is going on on the network/server log.
- enterprise license are free for one year, and make sure your traffic log not hit to 5GB/day.
- support various log protocol, nxlog from windows, syslog from linux, and other such as aws. but i use only nxlog and syslog only.
Nachteile
its perfect already but the dashboard not so nice, not so flexible on the reporting yet.
- Branche: Gastgewerbe
- Unternehmensgröße: 1.001–5.000 Mitarbeiter
- Täglich für Mehr als 2 Jahre genutzt
-
Quelle der Bewertung
Great value to cost ratio for a solid log management solution
Graylog has been great to work with. Their sidecar implementations make client configuration and management very easy, and even with the free version, they provide reliable, albeit limited support (I’ve gotten good, live email replies to a couple of questions, versus only allowing you to access forums, etc).
Vorteile
Very low cost of ownership, particularly if you can get the Community (Free, Open-Source) version to meet your needs. I’ve implemented Graylog at multiple organizations for only the cost of hardware / storage.
Nachteile
Would love to have more plugins / content packs available in the Graylog Marketplace. With limited hands on a team for a smaller company, there’s often not enough time to write extractors and content packs.
In Betracht gezogene Alternativen
Splunk EnterpriseWarum Graylog gewählt wurde
Cost associated with using the tool, based on data ingestion, was going to substantially increase our expenses to even maintain the solution as it stood. This was the case at multiple organizations, as well.Zuvor genutzte Software
Splunk EnterpriseGründe für den Wechsel zu Graylog
Again, of note, we didn’t purchase. While there’d be added value to enterprise plugins and support, we are meeting our needs with the Community (F.O.S.S.) version.Antwort von Graylog
Hi Tim, Thank you so much for taking time out to write us a review. Glad you are happy with Graylog & the cost savings you are seeing. We have recently launched "Illuminate" which has a lot of ready to use content packs. You can check it out here - https://www.graylog.org/illuminate/illuminate-authentication. You can sign up for our newsletter too to get updated when we launch new content packs - https://www.graylog.org/newsletter .
Thanks again,
Team Graylog
- Branche: Informationstechnologie & -dienste
- Unternehmensgröße: 11–50 Mitarbeiter
- Täglich für 1-5 Monate genutzt
-
Quelle der Bewertung
Graylog software review
They do have one of the best log data visualization tools
Vorteile
I can customize the log data that will be visualized the way I want it and the analytics are mostly a true reflection
Nachteile
It was difficult to get started with Graylog because I mostly use software documentation to set up new software but apart from the basic "how it works", I got a little lost. They should improve on their documentation and provide support
- Branche: Computer- & Netzwerksicherheit
- Unternehmensgröße: 2–10 Mitarbeiter
- Täglich für Mehr als 1 Jahr genutzt
-
Quelle der Bewertung
Graylog the best syslog
I use Graylog for security and GDPR purposes.
Speaking about security, it helps me a lot, I collect logs from firewall, nas, switch, windows (e.g. Domain Controller and Terminal Server) and linux server, especially if they are published on internet. If you have an exchange on premise you should collect the log files under inetpub directory (use the windows filebeat).
I can download report in excel format. Updates are frequent.
A great product you should try.
Vorteile
You can choose the free version and have all the features needed to collect and look for logs. There is a huge community, so in case of need you will easily find the answer to your question/problem.
The interface is simple and you can create your own dashboard with tables, graphs and counter (you can view your logs and create tables also with graphana, using elasticsearch as data source). You need to add at least an input, it can be for example an UDP one or for windows and linux machine filebeat on port 5044 (via sidecar).
You will see your sidecar devices on the Sidecars section.
You can create and save queries using lucene language, they will help you to find any potential threat logged.
Graylog server runs on a Linux Machine, installation is quite easy, there are lot of tutorials on internet.
Nachteile
some features are only on enterprise edition, the purge of inactive sidecar sometimes does not work (you have to restart graylog-server service)
- Branche: Staatsverwaltung
- Unternehmensgröße: 51–200 Mitarbeiter
- Täglich für Mehr als 2 Jahre genutzt
-
Quelle der Bewertung
You can’t do better for building a Log Management Ecosystem
I’ve recommended it as a solution to many local governments during my conference presentations and they’ve listened.
Vorteile
Graylog is built on ElasticSearch and extends its functionality out into a great product with the System Administrator in mind.
You stand up the platform, point logs at it and the rest is up to your internal processes.
I also enjoy that the vast majority of intelligence and augmented data is built directly into the platform rather than an outside product.
The community support forums are chock full of helpful folks.
Nachteile
For a long time the visualizations were quite lacking and we required additional tools to properly tell our data stories but this is improving drastically with each new release.
Gründe für den Wechsel zu Graylog
Cost and simplicity. Also, you can leverage any aspect of ElasticSearch that you desire as well making it a very versatile choice.- Branche: Informationstechnologie & -dienste
- Unternehmensgröße: 201–500 Mitarbeiter
- Wöchentlich für Mehr als 2 Jahre genutzt
-
Quelle der Bewertung
Very strong on open source on-premise solution
Experience has been great, we started by using the free version, it has provided benefits early on to the dev teams to search through web logs without the need for downloading them and using a log parser application, or committing early to expensive paid tools. Since then we keep adding new sources and are looking at more enterprise features as usage grows.
Vorteile
Graylog has alot of flexibility and a mature feature set. We use it across all of our Windows as well as Linux servers. It has a strong community and alot of flexibility, does not impose restrictions on our applications, good documentation and generally receives regular updates and features.
Nachteile
I find some of the latest changes to the GUI (changes happen all the time with Graylog) are less user friendly - functionality to get count tables are still there but it is less dummy proof whereas before a novice user could click around in the side navigation and discover certain features. There are also less cloud offerings for Graylog so it fits more the on-premise model where you manage the graylog server/infrastructure.
In Betracht gezogene Alternativen
Splunk EnterpriseGründe für den Wechsel zu Graylog
We had a senior team member that had experience with Graylog.- Branche: Forschung
- Unternehmensgröße: Selbstständig
- Wöchentlich für 6-12 Monate genutzt
-
Quelle der Bewertung
Incredibly flexible open source log management tool
I am a data analyst so I often deal with large amounts of data that are really complicated to parse and sort through. I used Graylog to aggregate and parse logs which I later analyzed for relevant information.
Vorteile
Graylog is a fantastic tool to summarize and aggregate data into simple and highly accessible visual depictions and dashboards. Although it is an open source log management solution, it is really flexible and agile, and helps me parse data rapidly and intuitively. I think it's one of the best alternatives to Splunk - and probably is a much better tool even for enterprises.
Nachteile
Learning curve is a little bit steep. You need a somewhat technical background to learn it, but once you grasp the basics, it is way less cumbersome than others such as Alienvault or Loggly.
In Betracht gezogene Alternativen
Splunk EnterpriseGründe für den Wechsel zu Graylog
Splunk conduces its searches via a formal query language. Since I didn't know it, it was really hard to extract meaningful insight from aggregated logs that spanned across many different categories.- Branche: Bildungsmanagement
- Unternehmensgröße: 1.001–5.000 Mitarbeiter
- Täglich für 1-5 Monate genutzt
-
Quelle der Bewertung
One of The Best Log Management Tools in Market
Vorteile
Amazing documentation & really easy deployment made life easier for me. Data search also I found really easy & I have tried multiple products but graylog probably the most easiest one to follow
Nachteile
Nothing much so far. It has been great for our company
In Betracht gezogene Alternativen
Splunk EnterpriseGründe für den Wechsel zu Graylog
Cost & better search. Also i found graylog better integrates with our current infrastructure too- Branche: Computer- & Netzwerksicherheit
- Unternehmensgröße: 2–10 Mitarbeiter
- Täglich für Mehr als 2 Jahre genutzt
-
Quelle der Bewertung
Graylog the king of syslogs
Graylog has a clean interface that I like very much. I keep monitored several devices and I created many queries that look for unusual activities.
I run and keep updated many Graylog server installations and they work fine. Just remember to se the right number of indices and their rotation to avoid loss of data if disk becomes full.
Collecting logs is also useful for GDPR purposes.
Among Syslogs i think Graylog is the best one.
Vorteile
Graylog can be totally free, and you can collect logs from windows and linux systems and from other devices such as firewalls and switches (there are many more).
You need a linux machine to install and run graylog server. With Windows and Linux you have to install Sidecar and Filebeat to collect data and configure the agent.
You can create many indices and set their retention policies.
Once you start collecting logs you can do searches with lucene query, and save your queries. Then you can download the results in .csv format.
With Graylog you can create dashboards, set alerts (e.g. via email or via telegram) that help to keep your network safe, remember to set the right path of logs in your Winlogbeat and Filebeat.
Nachteile
Some installation guides are not really clear.
- Branche: Internet
- Unternehmensgröße: 51–200 Mitarbeiter
- Täglich für Mehr als 2 Jahre genutzt
-
Quelle der Bewertung
Great piece of software
Great piece of software, all our applications and cloud provider logs are being sent to graylog. Very easy to filter and review the logs. Their staff is nice, they're always grateful to help with doubts and giving support to OSS contributors.
Vorteile
All in one product. Lot of inputs available so you can ingest logs from a wide range of applications. Pipelines are a powerful tool to normalize data before indexing.
Nachteile
UI used to look "old". Now is getting much better but it still needs more love. The "single" designated master is not very cloud friendly. I'd like some kind of automated cluster management (with quorum to elect the master node) so we don't have to manually set one node as master while keeping our scaling operations.
Antwort von Graylog
Hi Marc,
Thanks so much for taking time out to leave us a review. Glad you find the variety of inputs useful. We have shared your suggestions with our product team and they will definitely consider them.
Thanks,
Team Graylog
- Branche: Computer- & Netzwerksicherheit
- Unternehmensgröße: 2–10 Mitarbeiter
- Täglich für Mehr als 2 Jahre genutzt
-
Quelle der Bewertung
Best and most popular open-source log management tool
Overall, Graylog is a powerful and an outstanding Software , I recommend it to users
Vorteile
I love this software for it's amazing performance, Graylog provides real-time log analysis, enabling you to identify and respond to potential issues quickly.
Nachteile
I haven't encountered any deficiency using Graylog
- Branche: Informationstechnologie & -dienste
- Unternehmensgröße: 11–50 Mitarbeiter
- Täglich für Mehr als 1 Jahr genutzt
-
Quelle der Bewertung
Logging done right
I love the product. I spread the word everywhere I go because I believe it has a future in the undustry.
Vorteile
Traditionally every IT/MSP business will use some sort of system to log data from all inputs. What I hated the most about other systems was that they really didn't improve on what was given to them (meaning logs). They either just held the logs or perhaps told me about errors I already knew.
With graylog, we were able to get a wealth of additional info. Sure it requires some work writing extractors or pipelines, but at the end you get exactly what you are looking for. And with the available plugins, you can take what you had and improve. Simple example, in the past I would get an email of all errors but now I can get an email, Slack or push it as a ticket via API.
Another great feature is the side-car addition. No more managing configs individually, you can manage and maintain the configs all from graylog.
My wish is to introduce native plugins for other SaaS products. Recently they added ability to inject Okta logs. How about Cisco Duo or Umbrella. Both are in hot demand right now, might as well get that data too.
Nachteile
It's great at what it does but it does have some limitations. Dashboards and graphs are not as flexible as lets say Grafana. Not that it should be, but if someone wants a pure dashboard system then this may not be for them.
- Branche: Computer- & Netzwerksicherheit
- Unternehmensgröße: 201–500 Mitarbeiter
- Täglich für 6-12 Monate genutzt
-
Quelle der Bewertung
Windows Servers Events Agreggation
My overall experience is very grafull, since i didn´t know anything about Graylog / Elastic Search, it´s been an adventures. Tears and Joy, may hours in deep community forum and documentation.
Since then, audit active directory, filesharing, is been very easy to search.
Vorteile
We use graylog for Windows Server Events (Event Viewer) in one place, it´s very usefull.
The Alert Setup and new features like Pipelines (For disclose unknown error codes) is one plus in the Graylog.
The other Pro is the community forum and support.
Theres a VDA version ready to use. (Ubuntu)
Free Enterprise Licence with Traffic limitation ( normaly for one server / event aggregation)
Nachteile
If you need to custom setup with several graylog nodes is hard to get it running in the first try.
Some nice features are only available in Enterprise Edition.
No backup for Indexes is available , need to use external options.
Very hard post-config and clean the logs for the right information (need work)
- Branche: Computer-Software
- Unternehmensgröße: 11–50 Mitarbeiter
- Monatlich für Mehr als 1 Jahr genutzt
-
Quelle der Bewertung
Main features of Grylog
test traffic and log DB (eg. MySQL ...)
test all OS Unix/Linux system log and traffic
test log and traffic Firewall fortigate and FortiWeb device
F5 loadbalancer
Docker machine
LXC container
.........
Vorteile
1- Understand how different equipment, operating systems, databases, services and processes and different teams work in the organization.
2- Detecting security threats (in-depth analysis to find the source of the threat)
3. Dealing with cybercrime, using logs and traces of intrusion
4. Improve the process of managing applications, servers and services in real-time
5. In-depth and accurate checking of incoming and outgoing traffic at the packet level
6. Identify the relationship and correlation between logs and events
7. Identify any anomalies in different layers of IT the organization
8. Automate the process of detecting and reporting errors and anomalies to relevant teams in the organization
9. Perform normalization and immediate correlations of events and traffic
10. Provide real-time field of view and capture Network Flow data events In close proximity to advanced analytics, the service status is revealed
11.Prioritize alerts
12. Excellent speed and quality
13. Ability to write proprietary Content Pack
14. And hundreds more wonderful possibilities
15............
Nachteile
1-Speed and quality
2-Access to Content Pack
3-Being a user of Friendly
4-Support most softwares and devices
5-Good doc on the main site and internet
- Branche: Informationstechnologie & -dienste
- Unternehmensgröße: Selbstständig
- Wöchentlich für Mehr als 1 Jahr genutzt
-
Quelle der Bewertung
Great features and a dedicated staff.
I haven't used Graylog for logging of large enterprise systems so I can't how it performs in those cases, but I do like the DIY feel for smaller projects. It is very customizable and easy to configure things how you like.
Vorteile
I like Graylog because of how easy it is to get logs flowing into the platform. Most of my experience has been with the AWS Cloudtrail plugin, but syslog wasn't hard either. The documentation works for most typical cases. I also love the new update! The dashboards are beautiful and it's easy to get any statistic you want. It's come a long way which shows dedication and a want to always be improving.
Nachteile
Most typical use cases are covered by the documentation, but if it isn't it can take some searching to figure out if there's a way to accomplish your goal. I have no experience with the enterprise or community support so I can't say how much that might help.
In Betracht gezogene Alternativen
Splunk Enterprise- Branche: Bildungsmanagement
- Unternehmensgröße: 501–1.000 Mitarbeiter
- Täglich für Mehr als 2 Jahre genutzt
-
Quelle der Bewertung
Enterprise grade log management
I started with free version several years back and grew the cluster into multiple nodes. Product itself is solid and easy to maintain. Keep the documentation in sync with new features.
Vorteile
Initial deployment is well documented but after that it's up to the admin to figure out how to utilize the software.
Nachteile
Complexity grows with deployment size, which is expected from such software. Adding more predefined dashboards would save time for new admins while providing examples how to best utilize graylog.
- Branche: Telekommunikation
- Unternehmensgröße: 10.000+ Mitarbeiter
- Täglich für Mehr als 1 Jahr genutzt
-
Quelle der Bewertung
Graylog support
Vorteile
Its easy to use and deploy. We have installed it over centos and its easy to deploy and start working on.
Nachteile
The customer support structure needs to improve, we have been facing unknown issues for which rca was needed however there have been issues. The streams were showing running but they were struck. Also option should be there to easily search logs
In Betracht gezogene Alternativen
Splunk EnterpriseGründe für den Wechsel zu Graylog
Cost- Branche: Computer-Software
- Unternehmensgröße: 51–200 Mitarbeiter
- Täglich für Mehr als 1 Jahr genutzt
-
Quelle der Bewertung
Great Solution for Log Collection
A complete solution when collecting log streams and alerting based on them.
Vorteile
Its a good solution when comes to log collecting and alerting based on the metrics. It can use for send notifications through mail, slack etc.
Nachteile
Implementation was hard. There were issues within the log retention setup and sometimes had to rotate manually.
- Branche: Computer- & Netzwerksicherheit
- Unternehmensgröße: 2–10 Mitarbeiter
- Täglich für Mehr als 1 Jahr genutzt
-
Quelle der Bewertung
Find it, fix it..
Vorteile
Fire as many log files in to Graylog as you can find across your infrastructure, whether it be Linux, Windows or hardware.
Fine grain search, alerts and actions are at your fingertips in milliseconds 😁
Nachteile
Not really any downsides.. as long as you have enough storage!
- Branche: Staatsverwaltung
- Unternehmensgröße: 1.001–5.000 Mitarbeiter
- Täglich für Mehr als 2 Jahre genutzt
-
Quelle der Bewertung
Excelente
Monitoreo de logs
Vorteile
La facilidad de uso y configuracion , las alertas.
Nachteile
Tal vez los gráficos , la configuración para HA
- Branche: Computer-Software
- Unternehmensgröße: 201–500 Mitarbeiter
- Wöchentlich für Mehr als 1 Jahr genutzt
-
Quelle der Bewertung
Good tool for centralizing logs, but difficult to configure
Vorteile
The possibility of centralizing logs, besides being able to create deshboards
Nachteile
Difficult to configure and manage, confusing
- Branche: Informationstechnologie & -dienste
- Unternehmensgröße: 11–50 Mitarbeiter
- Täglich für Mehr als 1 Jahr genutzt
-
Quelle der Bewertung
Great software that keeps improving
Vorteile
Meets all of our logging needs and is very customizable. Community Edition is a great introduction to Graylog.
Nachteile
Catching up on the latest updates can be a pain.
- Branche: Informationstechnologie & -dienste
- Unternehmensgröße: 51–200 Mitarbeiter
- Monatlich für Mehr als 1 Jahr genutzt
-
Quelle der Bewertung
Graylog
Very good, we needed to collect our application logs for an audit, Graylog does the job perfectly!
Vorteile
Very easy to send logs to Graylog and collect them using sidecar.
Nachteile
Building dashboards takes some time to understand, check out the marketplace for them
In Betracht gezogene Alternativen
Splunk EnterpriseGründe für den Wechsel zu Graylog
Splunk was way too expensive- Branche: Telekommunikation
- Unternehmensgröße: 1.001–5.000 Mitarbeiter
- Täglich für 6-12 Monate genutzt
-
Quelle der Bewertung
Excellent log management platform
Great log management platform, extremely flexible.
Vorteile
Multiple deployment options
Powerful log parsing and dashboarding features
Open source (for the most part)
Nachteile
Some great features are exclusive to the paid tier.
- Branche: Logistik & Lieferkette
- Unternehmensgröße: 5.001–10.000 Mitarbeiter
- Wöchentlich für 1-5 Monate genutzt
-
Quelle der Bewertung
Great product but could use some additional documentation and examples
Overall the product is great and you can get away with a lot without having to purchase a license.
Vorteile
Open source, scalable, efficient, many powerful features, accepts all sorts of inputs for logs, open marketplace for users to share their content packs
Nachteile
Large scale deployment documentation is missing (sure they give you ideas but it could really use a how to article or video). Could use some of the features from kibana.
- Branche: Computer-Software
- Unternehmensgröße: 201–500 Mitarbeiter
- Wöchentlich für Mehr als 1 Jahr genutzt
-
Quelle der Bewertung
Graylog used as a platform for performance monitoring
Vorteile
We have integrated graylog with a ES cluster and used beats forwarders to send performance metrics from a server cluster. So from a single interface we were able to setup log settings for multiple inputs. Also the grok patterns were very useful for incoming message processing.
Nachteile
Would like to have few more dashboard options. Some panels like Kibana dashboards.
- Branche: Computer- & Netzwerksicherheit
- Unternehmensgröße: 10.000+ Mitarbeiter
- Weitere für Kostenlose Testversion genutzt
-
Quelle der Bewertung
Graylog-One stop for centralized log management
Overall, Graylog was serving the purpose of centralized log management solution. Easy to install with ELK stack to improvise the log server architecture. We were able to implement a centralized log management with GUI and sent filtered logs to SIEM which saved cost of SIEM license and enhanced security incident management.
Vorteile
Integration with multiple log sources and log filtering.
Nachteile
Alert notification based on correlation of log parameters feature is missing.
- Branche: Informationstechnologie & -dienste
- Unternehmensgröße: 201–500 Mitarbeiter
- Wöchentlich für 1-5 Monate genutzt
-
Quelle der Bewertung
Logging and alerting all in one place
Vorteile
The most that I like about this software is that it keeps all of our application error logging all in one place and we use it to set up alerting policies whenever we get more than 5 errors in a minute or so. This allows us to get our engineers on the problem and fix it as soon as possible instead of waiting until a end-user reports an error which is not proactive.
Nachteile
The least thing that I liked about the software was the way that it collects the logs, you need to send your logs in a specific format for Graylog to consume so that may take writing a small application or script in the middle to parse and format your logs over to Graylog in the correct format.
- Branche: Finanzdienstleistungen
- Unternehmensgröße: 51–200 Mitarbeiter
- Täglich für 1-5 Monate genutzt
-
Quelle der Bewertung
Good log analysis solution
With time, a powerful solution
Vorteile
Dashboards and custom fields. Compatible with every system
Nachteile
Its not easy for beginners , no price list on the website, time consuming installation
- Branche: Informationstechnologie & -dienste
- Unternehmensgröße: Selbstständig
- Weitere für 1-5 Monate genutzt
-
Quelle der Bewertung
Easy to set up and use
When I needed to get logs into one centralized location for reading and understanding, graylog accomplished this when others couldn't.
Vorteile
Compared to other products of similar nature, I found graylog to be the easiest to setup and deploy, even on a limited VM.
It's surprisingly well put together and can run even on a resource limited virtual machine.
Nachteile
The interface could be a bit nicer, maybe it has improved since I last used it, but that's the only issue I had with it.
- Branche: Computer-Software
- Unternehmensgröße: 501–1.000 Mitarbeiter
- Monatlich für Mehr als 1 Jahr genutzt
-
Quelle der Bewertung
Great tool
Vorteile
The ease of use and integration, we are sending all app logs to Graylog and generating alerts and sending the alerts to Splunk. This is helping reduce the cost.
Nachteile
There is no particular feature we haven't liked.
- Branche: Informationstechnologie & -dienste
- Unternehmensgröße: 51–200 Mitarbeiter
- Monatlich für Mehr als 1 Jahr genutzt
-
Quelle der Bewertung
Excellent Tool
Excellent.
Highly recommend to folks looking for SIEM.
Vorteile
Ease of Deployment.
Ease to Configure Rules.
Very less overhead when Implementing.
Nachteile
Documentation can be improved.
Speed of digestion can be improved further